Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 8.0.0.GA
Affects Version/s: None
Component/s: None
Labels:
- EAP8_GA
- MH
- kcs

Story Points:
2
Blocked:
False
Blocked Reason:
None
Ready:
False
Git Pull Request:
https://gitlab.cee.redhat.com/red-hat-jboss-enterprise-application-platform-documentation/eap8-documentation/-/merge_requests/338
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

The "JBoss EAP on OpenShift Container Platform", section "2.3. Configure authentication to the Red Hat Container Registry" instructs users to:

1. "create an authentication token using a registry service account",
2. "download the YAML file containing the OpenShift secret for the token",
3. "create the authentication token secret for your OpenShift project" via oc create -f 1234567_myserviceaccount-secret.yaml
4. "configure the secret for your OpenShift project" via

oc secrets link default 1234567-myserviceaccount-pull-secret --for=pull
oc secrets link builder 1234567-myserviceaccount-pull-secret --for=pull

EAP 8: https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8-beta/html/using_jboss_eap_on_openshift_container_platform/assembly_building-and-running-jboss-eap-applicationson-openshift-container-platform_default#proc_configuring-registry-authentication_assembly_building-and-running-jboss-eap-applicationson-openshift-container-platform
EAP 7.4: https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/getting_started_with_jboss_eap_for_openshift_container_platform/index#container_registry_authentication

These instructions were written in times of OCP 3.11, where this was necessary. In OCP 4.x this is no longer necessary, the access to RH Registry is available by default. However the main issue here is that due to a bug in OCP, following these instructions on OCP 4.x makes it impossible do pull images from any registry at all (even from the internal OpenShift registry), which makes the namespace largely unusable. Definitely user will not be able to follow any of our quickstarts and build or deploy any EAP applications.

The OCP bug for this is ~~OCPBUGS-23245~~, you can check it for more details about what exactly breaks. Unfortunately it has been rated with low priority so it doesn't seem it will be fixed very soon.

The documentation should be modified to the effect that the steps mentioned above are only valid for OCP 3.x and should not be used on OCP 4.x.

These changes should be done for all EAP versions - 7.4, 8.0, XP4/5.

is cloned by

EAPDOC-1832 Following "JBoss EAP on OpenShift" docs instructions causes issues (RH registry auth)

EAPDOC-1836 Following "JBoss EAP on OpenShift" docs instructions causes issues (RH registry auth)

is related to

OCPBUGS-23245 ImageStreams and Pods fail to pull images when Dev Portal generated secret is added in the namespace

Closed

links to

KCS

kcs

mentioned on

Merge request - EAPDOC-1637: Remove section Configure authentication to the Red Hat Container Registry

(1 mentioned on)

Assignee:: Rahuul Chettri

Reporter:: Tomas Hofman

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2023/11/23 8:51 AM

Updated:: 2024/05/31 12:47 PM

Resolved:: 2024/05/31 12:47 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates